diff options
author | Vitaly Chikunov <vt@altlinux.org> | 2020-02-18 00:35:10 +0300 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@users.noreply.github.com> | 2020-02-26 00:14:25 +0300 |
commit | f3e7c24d4733bb1c096e43345602d3258e994e3c (patch) | |
tree | d755b54b7cb57b1d526bc4dc377389ca74ef7926 /gost_ec_keyx.c | |
parent | 77551c5d97feeceed87b10e66070e8004ffb0135 (diff) | |
download | gost-engine-f3e7c24d4733bb1c096e43345602d3258e994e3c.zip gost-engine-f3e7c24d4733bb1c096e43345602d3258e994e3c.tar.gz gost-engine-f3e7c24d4733bb1c096e43345602d3258e994e3c.tar.bz2 |
ec: Use BN_{CTX_,}secure_new memory API for priv keys
OpenSSL suggests to use (and internally itself uses)
`BN_{CTX_,}secure_new' primitives to work with private keys.
These are using `OPENSSL_secure_malloc' et al. calls, which use
special 'secure heap' memory.
Along, optimize out `hashsum2bn' with `BN_lebin2bn'.
Diffstat (limited to 'gost_ec_keyx.c')
-rw-r--r-- | gost_ec_keyx.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c index 2053d0d..faa0265 100644 --- a/gost_ec_keyx.c +++ b/gost_ec_keyx.c @@ -27,7 +27,7 @@ int VKO_compute_key(unsigned char *shared_key, BIGNUM *UKM = NULL, *p = NULL, *order = NULL, *X = NULL, *Y = NULL, *cofactor = NULL; const BIGNUM *key = EC_KEY_get0_private_key(priv_key); EC_POINT *pnt = EC_POINT_new(EC_KEY_get0_group(priv_key)); - BN_CTX *ctx = BN_CTX_new(); + BN_CTX *ctx = BN_CTX_secure_new(); EVP_MD_CTX *mdctx = NULL; const EVP_MD *md = NULL; int buf_len, half_len; @@ -45,7 +45,7 @@ int VKO_compute_key(unsigned char *shared_key, goto err; } - UKM = hashsum2bn(ukm, ukm_size); + UKM = BN_lebin2bn(ukm, ukm_size, NULL); p = BN_CTX_get(ctx); order = BN_CTX_get(ctx); cofactor = BN_CTX_get(ctx); |